What Are the Latest Cyber Threats?
Remote work became the new normal during the pandemic. But while working from home allowed businesses to keep operating as usual, it also opened the door to cyber criminal activity.
Emerging cyber threats have increased cybercrime by 600% since the pandemic began [*]. Hackers and scammers use everything from classic email phishing scams to advanced cross-site scripting (XSS) to steal your sensitive information and hold your company hostage.
There are more cybersecurity risks today than ever before. So how can you keep yourself and your company safe when working online?
Are Cyber Attacks a Real Risk?
The unfortunate truth about information security is that no one thinks it’s necessary until it’s too late.
The number of data breach victims jumped 210% in Q3 2022 in comparison to Q2 2022 [*]. And not just that, the number of data breach notices without a root cause went from 19 in 2019 to 617 in 2022.
With each data breach, also comes alarming business continuity expenses. On average, business lose $4.35 million after a breach [*]. And in breaches where remote work was a driving factor, the average cost was up by another $1 million.
Cyber attacks, hacking, and data breaches are a growing threat. Yet, many companies could have prevented these threats with a bit of risk management and a proactive approach to digital security.
Whether you’re going through a digital transformation or worried about data protection, these are the emerging cyber threats that you need to beware of.
Top 21 Emerging Cyber Threats (and How They Work)
1. Malware
Malware — a combination of the words malicious and software — is an umbrella term used to refer to software that damages computers, websites, web servers, and networks.
While malware isn't a new threat, hackers are constantly capitalizing on new approaches. This includes ransomware, viruses, spyware, and trojans.
Once installed, malware can deny access to your network, secretly obtain sensitive data, and even destroy your system.
How it occurs:
Hackers send victims a “planted” link that installs infected software. Once installed, the software quickly replicates and spreads to other computers in the network.
Downloading malware is more common than you might think.
A PC matic survey of employees working from home revealed that six out of ten have been using their own devices to work remotely. Even worse, only 9% of companies have installed antivirus software on their employees’ devices.
Some signs of malware include:
- A slow PC response — frequent freezing or crashing.
- Unusually high internet data consumption.
- Modified or deleted files.
- New programs or desktop icons you don't recall installing/creating.
- Programs running or closing on their own.
- Unusual messages being sent to your contacts list without your permission.
2. Ransomware
Ransomware is a type of malware that involves extortion. Hackers prevent users from accessing data, threatening to publish or delete it until a ransom is paid.
How it occurs:
Hackers take control of a victim’s computer when they click links or download attachments that contain malware.
Recent examples of ransomware:
2021 saw a surge in ransomware attacks. One of the biggest attacks happened to Kia Motors. A cyber hacker group called DoppelPaymer demanded $20 million worth of Bitcoins to decrypt files.
The Washington, D.C. Police Department was also not spared. Babuk, a group of Russian nation-state hackers, gathered 250GB of confidential files and demanded $4 million in exchange.
3. Cryptojacking
Cryptojacking uses your computer to secretly “mine” cryptocurrencies such as Bitcoin and Ethereum. While not an immediate threat, it can slow down your devices significantly.
How it occurs:
Hackers use phishing emails or other methods to get you to click a link that then downloads the cryptojacking malware to your device.
Recent examples of cryptojacking:
In 2019, two members of the Romanian hacking group Bayrob Group were sentenced to 20 years in prison after their cryptojacking malware infected 400,000 computers [*].
In an even more bizarre case, it was recently discovered that Norton – a company that makes software designed to protect you from viruses — now installs cryptomining software on your device by default.
4. Viruses
Computer viruses are malicious pieces of code that damage your device and can replicate and spread between hosts. Much like flu viruses that can’t replicate without a host, computer viruses can’t spread without a host file or document.
How it occurs:
Once a virus successfully attaches to a host file or document, it can lay dormant until circumstances “trigger” it to execute its code. Once it does activate, the virus can spread across computers or even across corporate networks.
Recent examples of computer viruses:
The GoBrut virus is one of the most common and active computer viruses with new versions appearing every few months. GoBrut is not terribly sophisticated, but will use brute force attacks to crack your passwords and can slow down your device.
Related: What is Cyber Hygiene? 10 Easy Habits That Can Keep You Safe Online →
5. Trojans
Named after the famed Trojan horse, this type of malware uses helpful software as a backdoor to gain access and exploit a computer or network. Trojans are widely used to steal credit card information.
How it occurs:
Users click on a link that hides the Trojan malware or unknowingly download it along with legitimate software. Once the file is clicked and opened, the download proceeds to install malware onto the device.
Recent examples of trojans:
Zeus Gameover is the most recent addition to the “Zeus” family of Trojan viruses. Once installed, Zeus recognizes when you’re on a log-in page. Then, it records your keystrokes and steals your sensitive bank account details. Even worse, “Gameover” can bypass centralized servers, which makes it almost impossible to track your stolen data.
6. Worms
Worms are self-contained malware that spread through other files and programs on their own. Unlike viruses which require a host, worms are standalone programs that can “wiggle” through your network.
How it occurs:
Worms are often sent through email attachments — they duplicate themselves and send a copy to all contacts in the hacked email list. Attackers can use worms to overload servers and achieve distributed denial of service (DDoS) attacks.
Recent examples of worms:
Worms aren’t as prevalent today. However, Mydoom (Also known as Novarg) is considered the fastest-spreading and most damaging computer virus of all time. It was spread through mass emails and caused $38 billion in damages ($52 billion when adjusted for inflation).
It is still around today, generating 1% of all phishing emails.
7. Spyware
Spyware is a type of malware installed to collect information about users, including their system or browsing habits.
There are several different types of spyware to beware of. For example, Infostealers steal your information from browser forms. While Keyloggers record your keystrokes to catch sensitive data.
How it occurs:
Spyware is distributed in many ways — links, phishing emails, pop-ups, infected ads, or even poisoned links on Google search.
Once a user clicks on the link, their data is sent remotely to an attacker. The information is then used to blackmail the victim or install other malicious programs.
Recent examples of spyware:
In 2021, journalists discovered Pegasus – a sophisticated type of spyware designed to infect iOS and Android smartphones. Pegasus is capable of reading text messages, tracking calls, collecting passwords, and even location tracking.
8. Adware
Adware displays unwanted ads on your computer. It can also change your browser homepage or even add unwanted plugins and other spyware.
While adware isn't quite a virus and isn't as problematic as other code floating around the internet, you still need to remove it from your computer. Not only is it bothersome, but it could also cause other device issues down the line.
How it occurs:
Adware can come from either downloading it by mistake or getting it from a malicious website.
Once it's downloaded and installed, adware immediately starts tracking your web activity. One indicator that you’ve been infected is constant pop-up advertisements.
Recent examples of Adware:
Fireball is an adware that affected over 250 million computers in 2017 [*]. It was created by a Chinese company, Rafotech, to turn victims’ default search engines into fake search engines.
Related: The 15 Types of Hackers You Need To Be Aware Of →
9. Drive-By Downloads
Drive-by downloads are programs that install on your devices without your consent. These include bundled software and unintentional downloads of any files.
Drive-by downloads often take advantage of apps, operating systems, software, or web browsers that haven’t been updated. They can use any website as a delivery method for corrupted files.
How it occurs:
Just like other malware, drive-by downloads enter your computer unintentionally. You don't have to click on or download anything for your computer to be infected — it just happens when you visit an infected website.
Recent examples of drive-by-downloads:
In 2011, two BBC websites were injected with an iFrame which automatically infected users that visited the website [*].
10. IoT Device Attacks
Internet of Things (IoT) devices are common targets for bad actors as they don’t have space to run proper security systems and often store sensitive information like log-in details and passwords.
How it occurs:
Hackers exploit the weak security and constant connectedness of IoT devices to gain access to them. Once they install malware, hackers can link devices together and launch DDoS attacks. These attacks attempt to knock out networks by flooding them with traffic.
IoT devices such as smart speakers can also act as a weak point in your network. Once hackers are in, they can gain access to your entire system.
Recent examples of IoT device attacks:
IoT attacks are one of the most common types of emerging cyber threats. In the first half of 2021, more than 1.5 billion IoT devices were breached and used for cyberattacks [*].
11. Wipers
Wipers — or wiper malware — damage organizations by wiping as much data (if not all) as possible. Unlike ransomware which has financial motives, wiper attacks are purely disruptive. Criminals may also use wiper attacks to cover the tracks of separate data thefts.
How it occurs:
Wipers often target files, backups, and the system boot section. Normally, hackers override files to destroy them, but they don’t do this in wiper attacks because it’s time-consuming. Instead, hackers write a certain amount of data at intervals which destroys files randomly.
Recent examples of wiper attacks:
Sony Pictures experienced a wiper attack in 2014 as the studio was releasing the movie The Interview about the North Korean leader Kim Jong Un [*].
The hackers deleted the studio’s data and released hacked celebrity emails and personal information.
12. Cross-Site Scripting (XSS)
With cross-site scripting (XSS), hackers insert malicious scripts into a website with the intent of stealing users’ identities through session tokens, cookies, and other information. The malicious code is usually JavaScript but can include Flash or HTML.
How it occurs:
XSS often occurs when users log onto a web application’s session. Victims unintentionally click on the content because they think it’s legitimate. But little do they know that the attacker altered the executed script, making XSS harmful and dangerous.
Recent examples of cross-site scripting:
British Airways was the victim of an XSS attack, which affected 380,000 bookings made between August and September 2018 [*]. The attack was traced to a hacker group called Magecart, which used card-skimming techniques to get victims’ details.
13. Phishing
Phishing has been around for years, but is consistently one of the most common ways hackers try to scam you online. It involves sending messages that seem to be from a trusted source to gain personal information or scam you into downloading malware
How it occurs:
Phishing attacks can occur via email, text (known as “smishing”), phone calls, fake websites, and social networks. Hackers use a combination of social engineering tactics to gain your trust. Then, they send messages containing malware or a link to a fake site designed to steal your information.
COVID-19 scams (like PPP fraud) and phishing schemes have been especially prevalent in the past few years [*].
If you think a message is a phishing scam, look for these warning signs:
- Irregular email addresses
- Unknown senders
- Weird subject lines
- Personal information requests
- Many typos
- Things that are too good to be true
Recent examples of phishing:
Attackers use prominent business names for phishing attacks. You may hear of phishing emails from FedEx, Netflix, or even the Center for Disease Control and Prevention (CDC).
14. Whale and Spear Phishing
Whale phishing — or whaling — is a phishing attack in which the prime targets are senior executives (aka the “big fish”).
While spear phishing is a similar attack that hyper-targets a specific company or individual.
How it occurs:
In whaling, attackers impersonate high-level executives to try and steal sensitive data. In spear phishing, criminals research victims on LinkedIn or other social media sites and pose as a trusted source to gain access to their data.
Recent example of whaling and spear phishing:
A CEO of an Austrian aerospace company was fired in 2016 after falling victim to a whale phishing email scam that cost the company $58 million [*].
15. Pharming
Pharming is when cybercriminals capture user credentials through a fake landing page. There are two types of pharming: malware and DNS cache poisoning.
How it occurs:
Malware-based pharming uses trojan horses to direct you to a fake website. For example, you’ll get a link to enter your credentials on your banking site. But the link routes you to a fake (yet believable) landing page designed to steal your information.
With DNS cache poisoning, hackers exploit your DNS server. So even if you enter the URL of your banking site, you’ll still be redirected to the fake website without your knowledge.
Recent examples of pharming:
Banks are the most common target of pharming attacks. A famous 2007 incident impacted 50 financial institutions around the world [*].
More recently, in 2019, hackers took advantage of the ongoing humanitarian crisis in Venezuela to hijack a website set up for volunteers and steal their personal information [*].
16. SQL Injection Attacks
An SQL injection attack (SQLI) is typical in database-driven websites. SQL attacks happen when attackers inject code into a website or server database to steal money, change data, or erase web activity.
How it occurs:
Hackers find vulnerable website fields such as contact forms and insert malware. Once the SQL query is inserted into the website, the attacker can execute malicious commands on the database.
Recent examples of SQL Injection attacks:
Hackers broke into the 7-Eleven corporate system and stole credit card details from millions of people using SQL injection [*]. They also targeted companies such as Heartland and Hannaford. The breaches were estimated to cost $300 million.
17. Denial of Service (DoS)
A denial of service (DoS) is a website attack where attackers overwhelm a system or network with internet traffic.
A variation of DoS attacks is the distributed denial of service (DDoS) attacks.
How it occurs:
With DDoS attacks, hackers infect computers on the network with malware to turn them into bots. Attackers control the bot network (or botnet) by sending instructions remotely. Some hackers even use artificial intelligence (AI) technologies for automation purposes.
DDoS attacks result in a server overflow or network error. It can be challenging to separate DDoS traffic from regular traffic.
Recent examples of Denial of Service attacks:
In 2020, Amazon Web Services (AWS) defended itself against a DDoS attack with a peak traffic volume of 2.3 Tbps — the largest recorded traffic volume [*]. Before that, the largest DDoS attack was at 1.7 Tbps.
18. Brute Force Attacks
Brute force attacks are a type of cryptographic attack where hackers use software to repeatedly guess your login credentials. One in five networks have experienced a brute force attack.
How it occurs:
Hackers attempt to access an account by trying different passwords until they guess the right one. When you’re against hackers with a powerful computing engine or control over an extensive botnet, it can pose a problem.
Some warning signs that you’re under a brute force attack include:
- The same IP address trying to log in multiple times.
- Many IP addresses try to log into a single account.
- Multiple unsuccessful login attempts being made from different IP addresses in a short period.
Recent example of brute force attacks:
In 2018, Magento was hit by a brute force attack. Hackers accessed over 1000 admin panels to scrape credit card numbers and install malware that mines cryptocurrency [*].
19. Man-in-the-Middle Attacks (MitM)
Man-in-the-middle (MitM) attacks are a type of “shoulder surfing” where hackers eavesdrop on your connection. Hackers intercept data transfers between a server and a client to steal data and manipulate traffic.
How it occurs:
Attackers insert themselves through an IoT device or exploit unsecured public Wi-Fi.
Recent example of a man-in-the-middle attack:
In 2017, Equifax removed its apps from the Apple and Google app stores due to security concerns that allowed MitM attacks [*].
20. Insider Threats
Insider threats are security risks that begin within the targeted organization. It often involves a current or former employee with administrator privileges or access to sensitive information.
Insider threats have increased by 47% over the last two years, making them an emerging cyber threat [*].
How it occurs:
Insider threats occur when someone with authorized access misuses their access. Insider threats can be intentional or unintentional. Unintentional threats occur when a negligent employee falls victim to malware or phishing scams.
Most security operations focus on external threats. But the best course of action for limiting insider threats is restricting employee access to systems they need for work.
Recent example of an insider threat:
Over eight years, a former GE employee stole trade secrets and proprietary data with the intent of starting a rival company [*].
21. Zero-Day Attacks
Zero-day attacks happen to websites with newly-discovered security vulnerabilities.
How it occurs:
The term ‘zero-day’ alludes to web developers recently discovering the flaw, which means they have had zero days to fix it. Attackers jump to take advantage of the small time frame in which the device or program is vulnerable.
Preventing zero-day attacks requires constant monitoring and proactive detection.
Recent example of a zero-day attack:
In 2020, Zoom confirmed a zero-day security vulnerability for Microsoft Windows 7 users [*]. In 2021, hackers walked away with $200,000 after discovering another zero-day vulnerability in Zoom [*].
How To Protect Yourself From Emerging Cyber Threats
Preventing emerging cyber threats is more manageable than fixing the aftereffects of cyberattacks.
Here are a few best practices to keep your devices safe from hackers and scammers:
Use antivirus and network protection software on all your devices
Antivirus software keeps your devices safe by searching, detecting, and blocking malware. Unfortunately, with so many digital threats present in the world today, a simple antivirus solution alone isn't going to cut it. You need an all-around digital protection software such as Aura, which also:
- Blocks phishing and potential pharming sites.
- Keeps your passwords and login details secure.
- Monitors your credit for signs of financial fraud and identity theft.
- Scans the Dark Web to identify compromised accounts.
- Secures your device and network with military-grade VPN.
- Covers you with a $1,000,000 insurance policy for eligible losses due to identity theft.
Don't ignore system and software updates
Regularly updating your device software and NEVER ignore the software update prompts! This is one of the easiest ways to guard yourself against emerging cyber threats. Manufacturers intentionally release system and software updates as a safeguard against online threats. Don’t ignore them.
Use strong passwords, 2FA, and a password manager
Passwords are often our first – and only – line of defense against cyber attacks.
Choose strong passwords that use a combination of letters, numbers, and special characters. Don’t use common words or any personally identifiable information (such as birthdays or pet names).
For added protection, use two-factor or multi-factor authentication (2FA/MFA). This sends a special one-use code to use alongside your username and password. But skip 2FA on SMS as it can be hacked. Instead, use an authenticator app such as Google or Okta.
If you’re worried about keeping track of long passwords, use a password manager. These tools securely store all your passwords so all you need to remember is a single master password.
Keep regular backups of all your files
Regularly backing up your files is a mitigation measure to guard yourself against emerging cyber threats.
Choose web hosting providers that offer automatic backups if you have a website. For device backups, be sure to have many copies of your backup files. You can store them on an external hard drive or the cloud.
Stay up-to-speed with the latest attacks
Knowing more about emerging cyber threats helps you prepare and become aware of hackers’ common tactics. Cyber criminals love when people don't know they're under attack because it means they won't meet any resistance.
Arm yourself with as much knowledge as you can so that you can recognize the signs of identity theft and know what to do when you open a spam email.
Threat Actors Will Never Stop. Aura Can Help
Cyberthreats are on the rise, and they cost users and businesses millions of dollars annually. Don’t be a victim. Educate yourself, and prevent emerging cyber threats by signing up for a digital protection software like Aura.
